Others combine password-manager use with other security measures, such as physical security keys plugged into their computers.

Still others have unusual, often-convoluted systems for generating passwords on their own.

Here’s a sampling of the responses I received:

I LOVE 1Password! I’ve used it for the past 6 years and can’t live without it.

I use both the Mac version for my MacBook Pro and iMac, and I use the mobile iOS version for my iPads and iPhone and they all stay backed up and in sync.

I also recommend it to my clients due to security, ease of use, and the fact that they can have all of their passwords with them at all times, but only need to memorize one master password to get access to all of their other ones.

So many people use the same password for ALL of their accounts and websites. That is crazy and just asking for major trouble. With 1Password and similar software it’s so easy to use a different password for everything, yet never be at a loss for knowing what those passwords are.

I’m also glad that I use 1Password because I know that their competitor, LastPass was recently hacked:

As you know, 1Password is available for Mac, Windows, iPhone, iPad and Android. People can test it out by downloading a free trial.

The small and midsize businesses that we consult with generally don’t have the budget for an enterprise-grade solution. (So) we recommend KeePass (which is free), along with a specific configuration:

1. Use a long passphrase that’s easy to remember but hard to guess-something like “PlasticPotatoTornado2879@&!” to secure the encrypted password database.

2. Configure KeePass to also require a certificate for authentication, giving you the benefit of multi-factor authentication (something you have and something you know). We recommend keeping this on an SD card for laptops, or on a USB thumb drive for desktops and other systems. Be sure to make a backup of the key somewhere offline, like a second SD card or USB drive!

I use KeePass. I use DropBox to share the password database, which is encrypted with both a password and a key file. Even if someone else gets hold of a copy of the database, they have to crack a combined password of over 2K bytes.

I use Linux and Android for 90% of my daily computing, and KeePass runs on both, plus common commodity platforms from Apple and Microsoft.

So…

I use KeePass. It runs on a lot of different platforms (I use Linux and Android primarily). I can share the password database across multiple devices using cloud storage (e.g. DropBox) because KeePass uses a two-part encryption scheme. You need the password database, a separate key file, and the password in order to gain access to the data.

Christopher Hertel, St. Paul

My solution is to store all of my passwords in KeePass. KeePass uses strong encryption algorithm on the password database file that holds your passwords, so the biggest weakness is the password you use to launch the program. For that, I use a VERY long pass phrase that’s easy to remember but very hard to guess.

I store my KeePass files in cloud storage (e.g. Dropbox, Box, Watchdox, etc.) and use a very long password with multi-factor authentication on that cloud storage. Anytime I want to log in to that from a new device, it texts me with an access code that I need in addition to my password. The storage client synchronizes across my computers. I don’t use my phone or tablet to access anything sensitive, so I don’t install the clinet on those.

With KeePass, even if someone compromises my cloud storage they still don’t get my most private information. It’s not a perfect solution, but it’s pretty good.

Lastly there are a handful of passwords that I just memorize (work computer, home computer, email), and I make sure to use different passwords on each account.

Michael Rogers, St. Paul

1Password. Very useful, rock solid, well integrated. It’s the second thing I install on any new iPhone, iPad or Mac (right after Dropbox).

Mike Evangelist, St. Paul

I love 1Password by AgileBits!

I have their app on my work MacBook Pro and my home iMac and MacBook Air, as well as my iPad and iPhone. I keep my passwords synced using iCloud, and I have two-factor authentication turned on with iCloud, for an added layer of protection.

Also, they look out for any site that has been compromised; if I navigate to such a site, the 1Password web browser plugin prompts me to change my password.

So no matter what app or site I need to use, on any device, anywhere I am, I can access, create and change complex passwords immediately. Combined with my multiple backups (because, duh), I don’t have any computer-related worries.

I use LastPass Enterprise for myself and all of the employees in my small business.

Being in the cyber industry, we know how easy it is for someone to get a hold of one’s password, so we take two other precautions. Just using LastPass to safeguard your passwords is not enough.

We also use a physical, hardware key that must be present to access my LastPass account.

Also, the days of easy-to-remember passwords has gone the way of the dodo. We also use separate lengthy, randomized passwords generated by LastPass for every website. This way, if someone gets a hold of my credit card account password, they don’t have the password for my bank account, etc.

Back in October of last year, Google incorporated the U2F protocol within the Chrome browser to protect user access to Gmail accounts. What this did was allow for two-factor authentication with a YubiKey hardware security key to be added to Google accounts.

The beauty of two-factor is it reduces the need for super long and complex passwords because the real authentication into the accounts is within touching the physical device.

Without the device, your accounts can’t be accesses thus protecting from phishing and man-in-the-middle attacks. You have a key to your car, house, and many other things, the YubiKey is your physical key for your online identity.

Additionally, as you mentioned LastPass in your query, the YubiKey is one of the preferred methods for two-factor authentication with LastPass. Combining something you know (user name/password) with something you have (a physical device, in this case a YubiKey from Yubico).

With the multitude of passwords that we all have to manage these days, it is incumbent to come up with a system to keep them all straight and to access them.

I run a successful web design company, and am often asked how we manage the passwords for ourselves and for the client sites that we create (i.e. WordPress login passwords.)

Over the years we’ve tried lots of methods from encrypted text files to PGP keys. What has worked best for us is a password application. There are lots of them out there … we use 1Password. We have no affiliation with them or any other kind of relationship. We’re just a happy customer.

Using a password manager allows you to attain deep security while at the same time having access to your passwords on multiple machines and devices.

The important thing is not the application, but the ability to generate (almost) impossible-to-crack passwords of 15 characters or more. These are all stored in the encrypted database that is part of the application.

We were somewhat worried at first that maybe the database might get corrupted, but after two years of using password management software, we’re sold on the idea and we recommend the use of a manager to our clients.

I use Dashlane to store my ever growing list of passwords. However, due to being a natural born cynic I didn’t want to completely trust them to store all my details. So when setting up a new website account my (convoluted) process is as follows:

I’ve looked at lastpass and similar programs and I might pick them up, but I use a system I saw written somewhere a long time ago.

I have my email password, and this is totally unique. it doesn’t share anything in common with my other passwords, and it’s long. Since this is my Google account, a lot of stuff connects to it.

I use oAuth whenever possible to keep from setting up other accounts. For other services, I create different passwords, but they’re similar if they share usage. For example, my social media accounts have similar passwords, but each has something that makes them unique.

Example: (not real passwords, obviously)

Facebook: #Apple85Bird1991Plum

Twitter: #Apple85Bird1992Plum

LinkedIn: #Apple85Bird1993Plum

These are long, and each is unique, but they’re easier to remember thanks to them sharing some common piece. It’s not the strongest setup, and I like updating my passwords every few months, but it’s a lot better than using the same one on multiple sites.